Computer underground Digest Tue, Mar 10, 1992 Volume 4 : Issue 11 Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Associate Editor: Etaion Shrdlu CONTENTS, #4.11 (Mar 10, 1992) File 1--Net Resources File 2--Readers Reply: "Bury Usenet" File 3--Readers Reply: Apology to Craig Neidorf (CuD #4.10) File 4--F.B.I. and Digital Communications Amendment (NYT synopsis) File 5--F.B.I.' Proposed Digital Communications Legislation File 6--CPSR Response to FBI Proposal File 7--"Real Hackers?" Comparing the old and the new (DFP Reprint) File 8--BBSes and Telco Rates File 9--HACKING grounds for dismissal File 10--Updated Info on 2nd Annual Int'l BBSing & Elec. Comm Conf. Issues of CuD can be found in the Usenet alt.society.cu-digest news group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414) 789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.132), chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au. To use the U. of Chicago email server, send mail with the subject "help" (without the quotes) to archive-server@chsun1.spc.uchicago.edu. European distributor: ComNet in Luxembourg BBS (++352) 466893. NOTE: THE WIDENER SITE IS TEMPORARILY RE-ORGANIZING AND IS CURRENTLY DIFFICULT TO ACCESS. FTP-ERS SHOULD USE THE ALTERNATE FTP SITES UNTIL FURTHER NOTICE. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Mon, 9 Mar 92 19:58:41 CST From: Moderators <tk0jut2@mvs.cso.niu.edu> Subject: File 1--Net Resources Frank Klaess, sysop of ComNet in Luxembourg, is providing CuDs and other text files on ComNet Luxembourg BBS. ComNet is a two-line, 14,400 board and the phone number is: (++352) 466893. ComNet is not yet accessible through internet, but Frank can be reached on PC-Exec BBS in Milwaukee (414) 789-4352. +++++++ The Well, perhaps the best system in the country, is now accessible through ftp (192.132.30.2). The initial sign-up is nominal, and usage fees are more than reasonable ($10 a month and $2 an hour). There are thousands of discussion topics, conferences on almost every issue conceivable, and there are a number of services and features that make it a valuable investment. Cybernauts would find the Hacking, EFF (Electronic Frontier Foundation) and CPSR (Computer Professionals for Social Responsibility) conferences especially interesting. ------------------------------ Date: 8 Mar 92 13:53:33 CST (Sun) From: peter@TARONGA.COM(Peter da Silva) Subject: File 2--Readers Reply: "Bury Usenet" Building a new net with a wider bandwidth and tighter controls, as Steve seems to want, is a SMOP. Write the software, build your Usenet II, and if it's really that far superior then it will supplant Usenet I. People are always coming up with improvements they'd like to the basic Usenet model, but none seem willing to put their money where their mouth is. Come on, Steve. You can use the existing transport mechanism, even. Just a new newsreader or two and you're in business! ------------------------------ Date: Sun, 8 Mar 92 13:55:28 EST From: The Advocate <unixville@matrix.uunet.uu.net> Subject: File 3--Readers Reply: Apology to Craig Neidorf (CuD #4.10) A poster in CuD 4.10 writes: > I never meant to suggest that Craig was in any way "at fault" for the > cost of his defense, nor to discourage people from donating money to > offset his expenses. I was just wondering, did craig ever consider getting a public defender? After all, he was above 18, he was an independent student. I think he could have qualified, with a little finagling. A lot of them are damn good. I think I had disconnected, during the arrest periods, due to work loads or i would have suggested it. HAve to admit, it would have been nice to put the tab on uncle sam. and federal PDs are 1000 fold better then local ones. ((Moderators' note: Craig's initial attorney seemed unfamiliar with the issues his case raised. The Advocate is correct in observing that many public defenders are competent, idealistic, and hard working. Unfortunately, the issues raised in this case were beyond the resources and expertise of most public defenders and required some specialized skills. In Chicago, the jurisdiction of Craig's trial, Federal public defenders are appointed only if the defendant can demonstrate financial need, and Craig, at best, probably would not have qualified. Public defense attorneys appointed by the presiding judge from a pro bono list, and while, through luck if the draw, it is possible to obtain some of the best legal counsel in the country, it is just as likely that he would be appointed one who neither was familiar with nor willing to take on the line of defense ultimately used. Unfortunately, our system of justice requires investment of resources before the wheels turn properly.)) ------------------------------ Date: Mon, 9 Mar 92 01:32:06 EST From: Cy Burway <finder@canfield.com> Subject: File 4--F.B.I. and Digital Communications Amendment (NYT synopsis) As Technology Makes Wiretaps More Difficult, F.B.I. Seeks Help (From: New York Times, March 8, 1992: p. I-12) By Anthony Ramirez The Department of Justice says that advanced telephone equipment in wide use around the nation is making it difficult for law-enforcement agencies to wiretap the phone calls of suspected criminals. The Government proposed legislation Friday requiring the nation's telephone companies to give law-enforcement agencies technical help with their eavesdropping. Privacy advocates criticized the proposal as unclear and open to abuse. In the past, the Federal Bureau of Investigation and other agencies could simply attach alligator clips and a wiretap device to the line hanging from a telephone pole. Law-enforcement agents could clearly hear the conversations. That is still true of telephone lines carrying analog transmissions, the electronic signals used by the first telephones in which sounds correspond proportionally to voltage. But such telephone lines are being steadily replaced by high-speed, high-capacity lines using digital signals. On a digital line, F.B.I. agents would hear only computer code or perhaps nothing at all because some digital transmissions are over fiber-optic lines that convert the signals to pulses of light. In addition, court-authorized wiretaps are narrowly written. They restrict the surveillance to particular parties and particular topics of conversation over a limited time on a specific telephone or group of telephones. That was relatively easy with analog signals. The F.B.I. either intercepted the call or had the phone company re-route it to an F.B.I. location, said William A. Bayse, the assistant director in the technical services division of the F.B.I. But tapping a high-capacity line could allow access to thousands of conversations. Finding the conversation of suspected criminals, for example, in a complex "bit stream" would be impossible without the aid of phone company technicians. There are at least 140 million telephone lines in the country and more than half are served in some way by digital equipment, according to the United States Telephone Association, a trade group. The major arteries and blood vessels of the telecommunications network are already digital. And the greatest part of the system, the capillaries of the network linking central telephone offices to residences and businesses, will be digital by the mid-1990s. Thousand Wiretaps The F.B.I. said there were 1,083 court-authorized wiretaps--both new and continuing--by Federal, state, and local law-enforcement authorities in 1990, the latest year for which data are available. Janlori Goldman, director of the privacy and technology project for the American Civil Liberties Union, said she had been studying the development of the F.B.I. proposal for several months. "We are not saying that this is not a problem that shouldn't be fixed," she said, "but we are concerned that the proposal may be overbroad and runs the risk that more information than is legally authorized will flow to the F.B.I. In a news conference in Washington on Friday, the F.B.I. said it was seeking only to "preserve the status quo" with its proposal so that it could maintain the surveillance power authorized by a 1968 Federal law, the Omnibus Crime Control and Safe Streets Act. The proposal, which is lacking in many details is also designed to benefit state and local authorities. Under the proposed law, the Federal Communications Commission would issue regulations to telephone companies like the GTE Corporation and the regional Bell telephone companies, requiring the "modification" of phone systems "if those systems impede the Government's ability to conduct lawful electronic surveillance." In particular, the proposal mentions "providers of electronic communications services and private branch exchange operators," potentially meaning all residences and all businesses with telephone equipment. Frocene Adams, a security official with US West in Denver is the chairman of Telecommunications Security Association, which served as the liaison between the industry and the F.B.I. "We don't know the extent of the changes required under the proposal," she said, but emphasized that no telephone company would do the actual wiretapping or other surveillance. Computer software and some hardware might have to be changed, Ms. Adams aid, but this could apply to new equipment and mean relatively few changes for old equipment. ------------------------------ Date: Mon, 9 Mar 92 19:58:41 CST From: Jim Thomas <tk0jut2@mvs.cso.niu.edu> Subject: File 5--F.B.I.' Proposed Digital Communications Legislation Increasingly sophisticated technology available to the average citizen undeniably makes it more difficult for law enforcement to pursue legitimate investigations. When technology expands faster than society's capacity to examine the social, ethical, or legal implications of the changes, two potential problems emgerge: Laws that correspond to technological advances do not change, leaving law enforcement either handicapped or forced to implement illicit means in investigations, or laws change in ways that potentially intrude on civil liberties by reducing Constitutional protections. The trick is to find a happy medium. The legislation proposed by the U.S. Government reflects an attempt to bring current Federal legislation in line with technology. In principle, this is wise. In practice, questions arise that should be addressed in order to assure that the proposed legislation allows law enforcement to pursue its legitimate ends while simultaneously protecting the interests of citizens. The proposed legislation has not yet been submitted to Congress, and our understanding is that there is as yet no draft of the proposed changes. CPSR, EFF, the ACLU, and other groups appear to be actively involved in assuring that the language and implications of the final document will be carefully examined prior to submission. As we understand the proposed legislation, it would make it easier for investigators to conduct *legal* surveillance of digital, broad-band, communications by implementing technology that targets a specific user rather than an entire stream of users. To do this, telecommunications systems would require modification that would be implemented by the phone companies and would include changes in user devices. Among the questions the proposed legislation raises are: 1. Who would bear the costs of the modifications? Should costs be passed on to end telecommunications users? 2. How would the modifications change the requirements for obtaining warrants? 3. What potential abuses might arise from the modifications? 4. What unanticipated advantages or social benefits might emerge? 5. How might the concept of "good faith" be interpreted when non-targeted information is obtained? 6. How would the proposed legislation dovetail into recent U.S. Supreme Court decisions that expand the search powers of law enforcement? 7. What concepts or definitions of "telecommunications" and other terms would be established? How far would the scope of the legislation extend? Would it include data lines if it were suspected that the target were transferring an unlicensed version of Word Perfect? Among the "evidence" used to justify the seizure of Steve Jackson Games, the Secret Service claimed that the simple description of Kermit as a 7-bit protocol used to transfer data between mainframes and PCs was evidence of a conspiracy. Would this allow monitoring of all Kermit up/downloads by Steve Jackson employees? There are many other questions to be addressed, but the ultimate one remains: What is the best language that would protect both law enforcements' ability to carry out its function while preserving Constitutional rights? The recent history of some law enforcement officials, particularly in the Secret Service and a few local jurisdictions, indicates that the question is more than a philosophical debate. The consequences of ill-considered language for all involved require careful consideration of balance. The following is the press release proposing the legislation: +++++ U.S. Department of Justice Federal Bureau of Investigation Office of the Director Washington, D.C. 20535 March 6, 1992 STATEMENT BY FBI DIRECTOR WILLIAM S. SESSIONS CONCERNING PROPOSED DIGITAL COMMUNICATIONS LEGISLATION Law enforcement's continued ability to conduct court-authorized electronic surveillances is one of the most critical issues facing law enforcement today. However, recent telecommunications systems improvements have outpaced the government's ability to technologically continue this highly successful, and lawful technique. Consequently, the U.S. Government has proposed legislation requiring the telecommunications industry to ensure that its advanced digital telephone systems accommodate the legitimate needs of federal, state, and local law enforcement. Specifically, this legislation seeks to preserve the status quo of an extraordinarily efficient and effective technique utilized by law enforcement to conduct court-authorized electronic surveillances, as authorized by Congress in Title III of the Omnibus Crime Control and Safe Streets Act of 1968. The approach suggested in the legislation represents by far the least costly alternative and is the only certain method of addressing the issue. Without an ultimate solution, terrorists, violent criminals, kidnappers, drug cartels, and other criminal organizations will be able to carry out their illegal activities using the telecommunications system without detection. This proposal is critical to the safety of the American people and to the law enforcement officers who must daily enforce the laws of this country. The Legislative proposal is not solely a law enforcement proposal but is a result of a cooperative effort by Administration and Congressional leaders, telecommunications industry executives and law enforcement. ------------------------------ Date: Tue, 10 Mar 1992 17:47:59 -0500 From: dbanisar@washofc.cpsr.org Subject: File 6--CPSR Response to FBI Proposal CPSR letter on FBI Proposal CPSR and several other organizations sent the following letter to Senator Patrick Leahy regarding the FBI's recent proposal to undertake wire surveillance in the digital network. If you also believe that the FBI's proposal requires further study at a public hearing, contact Senator Hollings at the Senate Committee on Commerce. The phone number is 202/224-9340. Dave Banisar, CPSR Washington Office ==================================================== March 9, 1992 Chairman Patrick Leahy Senate Subcommittee on Law and Technology Committee on the Judiciary United States Senate Washington, DC 20510 Dear Senator Leahy, We are writing to you to express our continuing interest in communications privacy and cryptography policy. We are associated with leading computer an telecommunication firms, privacy, civil liberties, and public interest organizations, as well as research institutions and universities. We share common concern that all policies regarding communications privacy and cryptography should be discussed at a public hearing where interested parties are provided an opportunity to comment or to submit testimony. Last year we wrote to you to express our opposition to a Justice Department sponsored provision in the Omnibus Crime Bill, S. 266, which would have encouraged telecommunications carriers to provide a decrypted version of privacy-enhanced communications. This provision would have encouraged the creation of "trap doors" in communication networks. It was our assessment that such a proposal would have undermined the security, reliability, and privacy of computer communications. At that time, you had also convened a Task Force on Privacy and Technology which looked at a number of communication privacy issues including S. 266. The Task Force determined that it was necessary to develop a full record on the need for the proposal before the Senate acted on the resolution. Thanks to your efforts, the proposal was withdrawn. We also wish to express our appreciation for your decision to raise the issue of cryptography policy with Attorney General Barr at his confirmation hearing last year. We are pleased that the Attorney General agreed that such matters should properly be brought before your Subcommittee for consideration. We write to you now to ask that you contact the Attorney General and seek assurance that no further action on that provision, or a similar proposal, will be undertaken until a public hearing is scheduled. We believe that it is important to notify the Attorney General at this point because of the current attempt by the administration to amend the Federal Communications Commission Reauthorization Act with provisions similar to those contained in S. 266. We will be pleased to provide assistance to you and your staff. Sincerely yours, Marc Rotenberg, Computer Professionals for Social Responsibility David Peyton, ITAA Ira Rubenstein, Microsoft Jerry Berman, Electronic Frontier Foundation Mike Cavanagh Electronic Mail Association Martina Bradford, AT&T Evan Hendricks, US Privacy Council Professor Dorothy Denning, Georgetown University Professor Lance Hoffman, George Washington University Robert L. Park, American Physical Society Janlori Goldman, American Civil Liberties Union Whitfield Diffie, Sun Microsystems John Podesta, Podesta and Associates Kenneth Wasch, Software Publishers Association John Perry Barlow, Contributing Editor, Communications of the ACM David Johnson, Wilmer, Cutler & Pickering cc: Senator Joseph R. Biden, Jr Senator Hank Brown Senator Ernest F. Hollings Senator Arlen Specter Senator Strom Thurmond Representative Don Edwards Attorney General Barr Chairman Sikes, FCC ------------------------------ Date: Mon, 2 Mar 92 18:52:34 CST From: Digital Free Press <max%underg@uunet.uu.net> Subject: File 7--"Real Hackers?" Comparing the old and the new (DFP Reprint) ((Moderators' note: The following article is reprinted from the Digital Free Press. DFP and the Underground Computing Foundation BBS are useful sources for material on the Computer Underground. The DFP can be contacted at: max%underg@uunet.uu.net)) Real Hackers? There is a lot of talk these days about how the word 'hacker' has been redefined by the press. The theory is that the old hackers, as portrayed in Steven Levy's excellent book _Hackers: Heroes of the Computer Revolution_, were good and pure and this breed of hacker dramatized in the press is some new evil non-hacker terrorist. This is nonsense. According to the book, the hacker ethic(paraphrased) is as follows: 1. Access to computers should be unlimited and total. 2. All information should be free. 3. Mistrust Authority - Promote Decentralization. 4. Hackers should be judged by their hacking. 5. You can create art and beauty on a computer. 6. Computers can change your life for the better. In pursuit of the hacker ethic these heroes performed various acts that would not be looked upon favorably in today's anti-hacker society: Used Equipment Without Authorization (Page 20) ++++++++++++++++++++++++++++++++++++++++++++++ "So, without any authorization whatsoever, that is what Peter Sampson set out to do, along with a few friends of his from an MIT organization with a special interest in model railroading. It was a casual, unthinking step into a science-fiction future, but that was typical of the way that an odd subculture was pulling itself up by its bootstraps and growing to underground prominence-to become a culture that would be the impolite, unsanctioned soul of computerdom. It was among the first computer hacker escapades of the Tech Model Railroad Club, or TMRC." Phone Phreaked (Page 92) ++++++++++++++++++++++++ "He had programed some appropriate tones to come out of the speaker and into the open receiver of the campus phone that sat in the Kluge room. These tones made the phone system come to attention, so to speak, and dance." Modified Equipment Without Authorization (Page 96) ++++++++++++++++++++++++++++++++++++++++++++++++++ "Nelson thought that adding an 'add to memory' instruction would improve the machine. It would take _months_, perhaps, to go through channels to do it, and if he did it himself he would learn something about the way the world worked. So one night Stewart Nelson spontaneously convened the Midnight Computer Wiring Society." Circumvented Password Systems (Page 417) ++++++++++++++++++++++++++++++++++++++++ "Stallman broke the computer's encryption code and was able to get to the protected file which held people's passwords. He started sending people messages which would appear on screen when they logged onto the system: 'I see you chose the password [such and such]. I suggest that you switch to the password "carriage return. "It's much easier to type, and also it stands up to the principle that there should be no passwords.' 'Eventually I got to the point where a fifth of all the users on the machine had the Empty String password.' RMS later boasted. Then the computer science laboratory installed a more sophisticated password system on its other computer. This one was not so easy for Stallman to crack. But Stallman was able to study the encryption program, and as he later said, 'I discovered changing one word in that program would cause it to print out your password on the system console as part of the message that you were logging in.' Since the 'system console' was visible to anyone walking by, and its messages could easily be accessed by any terminal, or even printed out in hard copy, Stallman's change allowed any password to be routinely disseminated by anyone who cared to know it. He thought the result 'amusing.' Certainly these hackers were not anarchists who wanted only to destroy. They had a personal code of ethics, the hacker ethic to base their behavior on. In fact the modern hacker has his/her ethics intact. Compare the above hacker ethic with the hacker ethic found in _Out of the Inner Circle_ by Bill 'The Cracker' Landreth, a teenager arrested by the FBI (Page 18,60): 1. Never delete any information you can not easily restore. 2. Never leave any names on a computer. 3. Always try to obtain your own information. The common denominator to these ethics systems are the respect for technology, and the personal growth through free access and freedom of information. Certainly the attitude towards private property is the same. Accessing and using equipment that you do not own is okay as long as you do not prevent those who own it from using it, or damage anything. With respect to the hacker ethic the hackers mentioned in _Cyberpunk: Outlaws and Hackers on the Computer Frontier_ by Katie Hafner and John Markoff were in fact good hackers. If free access, and free information were the law of the land would Kevin Mitnick have gone to jail? I do not think so. Sure he got the source code for VMS, but is there any evidence that he used this information for personal gain, or did he simply use the information to improve his understanding of the VMS operating system? Robert T. Morris's worm program was a clever hack. Of course he 'gronked' it by programming the replication rate much too fast, but still there is no evidence that he had any intention of doing harm to the system. It was simply a computer experiment. Who owns the Internet? Is it some mysterious 'them' or is it our net? If it is out net, then we should be able to try some stuff on it, and to heck with 'them' if they can't take a joke. Of course the German hackers are a different story. What they got in trouble for was espionage, and not hacking, which is a breach of faith, and is hacking for personal gain. However selling Minix to the KGB almost makes it forgivable... It is my contention that hackers did not change. Society changed, and it changed for the worse. The environment the early hackers were working in correctly viewed these activities as the desire to utilize technology in a personal way. By definition hackers believe in the free access to computers and to the freedom of information. If you do not believe in these principles you are not a hacker, no matter how technologically capable you are. You are probable just a tool for the greed society. Current bad mouthing of hackers is simply snobbery. Rather than cracking down on the modern hacker, we should reinforce the hacker ethic, a code of conduct not based upon greed and lust for the almighty dollar, but instead for personal growth through the free access of computers and information, and a respect for technology. It is the humane thing to do. ------------------------------ Date: Sun, 8 Mar 92 03:21 EST From: "Michael E. Marotta" <MERCURY@LCC.EDU> Subject: File 8--BBSes and Telco Rates GRID News. ISSN 1054-9315. vol 3 nu 5 March 7, 1992. World GRID Association, P. O. Box 15061, Lansing, MI 48901 USA ------------------------------------------------------------------ (54 lines) Say YES! to Business Rates (C) 1992 by Michael E. Marotta BBS sysops in Oregon are fighting a telco policy to charge busi- ness rates for any phone with a fax or modem attached. BBS users know of similar telco policies from Kansas City, New York, Illinois, Indiana, Michigan and Texas over the last two years. Actually, there are at least two ways to view the situation. (1) THE HOME DATA CENTER In an information society, every home must be an information center. We have telephones and televisions, books, newspapers and magazines, computers, copiers, faxen, cable TV, VCRs, camcorders and answering machines. There is a view, wrongly held by sysops, that they "provide a service to many users." EVERY BBS USER IS A SYSOP. Whether you go to them or they go to you, data travels from home to home. (2) THE HOME TREASURY In a commercial society every home must be a business. We all buy and sell. Most of us buy and sell labor. (Anyone can build a car; most people choose not to.) In addition, people everywhere and Americans especially buy and sell housewares, nutritional supplements, baseball cards, comic books, automobiles and very many other goods. We routinely trade childcare, bookkeeping and computer programming services. Your checkbook is your general ledger. In 1892, "no one" had an adding machine or typewriter in their home. In 1942, dishwashers were found only in restaurants. Should your phone rate depend on whether or not you have a dishwasher or adding machine in your home? If yours should not, then why should General Motors'? Karl Marx's "Communist Manifesto" mandated public schools as a prerequisite to socialism. It is no accident that schools supported by tax dollars justify many marxist assertions. Among these is the myth that "businesses" are "rich" and can afford higher phone rates, while "workers" are "poor" and deserve a subsidy for the "right" to a phone. Another fallacy of marxism is that telephones are a "public utility" that must be regulated or owned by the state. Judging by other markets, if you let anyone become a phone company you will find that those who use more service will pay more in toto less per call. A user's or provider's race, sex, sources of income, height or weight will be equally irrelevant. Those who are good at providing information and carrier services will prosper and the others will become telco hobbyists. ------------------------------ Date: Fri, 6 Mar 1992 19:55:42 GMT From: NEELY_MP@DARWIN.NTU.EDU.AU(Mark P. Neely, Northern Territory Subject: File 9--HACKING grounds for dismissal A recent article in the _Solicitors Journal_ (Sept. 1991, p.1008-10) posed the question as to whether the unauthorised access to a Company's computer was grounds for dismissal of an employee. It was written by Geoff Holgate, and the following is based on it. The issue came before the court English Employment Appeals Tribunal (EAT) and is reported in Denco Ltd. v. Joinson [1991] 1 Weekly Law Reports 330. The employee, Michael Joinson, worked as a sheet metal worker for Denco Ltd. which manufactured air drying and air conditioning equiptment. In 1988 Denco installed a computer which had a number of VDU terminals attached to it. The computer was also used by another company, Intek, which operated out of the same premises. Denco's policy was to encourage its employees to use the terminal even though their jobs didn't strictly require it. The computer, via a series of menus, provided information relating to the part-icular department within the company. To gain access to a particular menu (or sub-menu) the user was required to enter a user identity code and password. The password was changed every week. The purpose of the passworded system was that the information was provided on a 'need to know' basis, and only those authorised to access a particular menu were entitled to use it. The system's history file (which recorded every stroke entered on every terminal on the system) revealed an unauthorised access to certain of Intek's records on the system. This access was traced to Joinson (who admitted the unauthorised access). He had used the password of the daughter of a fellow employee who was an Intek trainee. Joinson was a member of the Amalgamated Engineering Union. Indeed, he was chairperson of a joint committee representing the AEU and other unions. Denco alleged that Joinson had used the identity code and password to obtain information which would be of use to him in his trade union activities, such use being hostile to the company. Joinson claimed that his access to the unauthorised information was accidental. He was summarily dismissed for gross misconduct. Joinson complained he had been unfairly dismissed. The Employment Appeal Tribunal (hearing an appeal by Denco against an industrial tribunal which found in favour of Joinson) held that "if an employee deliberately used an unauthorised password in order to enter, or attempt to enter, a computer known to obtain information to which he was not entitled, then that of itself was gross misconduct which prima facie would attract summary dismissal..." [quote from article, p.1009, not judgement] However the EAT then went on to limit their decision by emphaising that "there may be some exceptional circumstances in which such a response might be held ule". [quote from case in article, p.1009] The tribunal reasoned that as maintenance of the integrity of information stored on an employer's computer was important, it was in the best interests of management to make it "abundantly clear" that interference with its integrity would result in severe penalty. Any comments from the floor? ------------------------------ Date: Tue, 3 Mar 92 02:49:54 MST From: mbarry@ISIS.CS.DU.EDU.CS.DU.EDU(Marshall Barry) Subject: File 10--Updated Info on 2nd Annual Int'l BBSing & Elec. Comm Conf. FOR IMMEDIATE RELEASE Contact: Terry Travis or Michelle Weisblat IBECC A Non-Profit Educational, Literary, and Scientific Society P.O. Box 486 Louisville, CO 80027-0486 Presents The 1992 International BBSing and Electronic Communications Conference (303) 426-1847 [VOICE] (303) 429-0449 [Fax] (303) 426-1866 [DATA/BBS] E-Mail: IBECC@f69.n104.z1.FidoNet.Org What is IBECC '92? ------------------ IBECC '92 is the SECOND ANNUAL International BBSing and Electronic Communications Conference. It will be held AUGUST 13-16, 1992 in Denver, Colorado. This year's theme is "Socially Responsible Computing." -------------- Special Guests -------------- DR. JERRY POURNELLE, Ph.D. - Computer Columnist and Editor (Byte), Author (Science Fact and Fiction), Lecturer, Consultant on the Impact of High Technology on Society, Chairman of the Citizen's Advisory Council on National Space Policy, and Outspoken Social Critic - Speaking on "Socially Responsible Computing", the future of communications and technology in an electronic world, as well as his own views on the society of tomorrow. LARRY NIVEN - Futurist, Hugo Award-Winning Author, Designer of Worlds, Supporter of Space Conquest - Speaking on the future of networks as personal interfaces, reality overtaking fantasy, and living with computers when you really don't want to. DAVID HUGHES, SR. - Architect of Big Sky Telegraph (the Montana Electronic School House), Consultant, Mover and Shaker, President of Old Colorado City Communications, U.S. Military (ret) - Speaking on NREN, the SuperComputer Highway, and education through computers and networking. Attending IBECC '92 ------------------- IBECC '92 is an intensive THREE-DAY conference. Sessions planned include: "Introduction to BBSing" (What is a BBS, and How Do I Use It?), "BBSes and the Law" (The Legal Rights and Responsibilities of BBS Operators and Users), "Safe Computing" (The Detection and Prevention of Computer Infection), "Rumor Control 1992" (Knowing the Difference Between Fact and Fiction, and Taking Action Where Needed), "Why Kelly CAN Read" (An Exploration into Education and the Computer), "NREN" (The National SuperComputer Highway and How it Will Affect Us All), "Staying Alive" (BBSing, Electronic Communication and the Homebound / Physically Challenged), and "Security? What's That?" (The What, Why, and How of Keeping Your Data and Information Safe). Should you attend? If you have an interest in electronic communications, bulletin boards, telecommuting, security or safe computing, yes. If you would like to understand what a "hacker" is, and is not, and what you can do to protect your electronic privacy, yes. If your children make more use of your modem or computer than you do, yes. In fact, unless you have absolutely no interest in using your computer for interacting with the world, you should be there! So that the conference will retain its personal and informal atmosphere, attendance at IBECC '92 is strictly limited. What Is IBECC? -------------- IBECC is a Non-Profit Educational, Scientific, Literary and Charitable Society (IRS 501(c)(3) applied for). Incorporated in Colorado, IBECC's purposes include the promotion of national and international electronic communications, the advancement of telecommunications and teleconferencing, the improvement of communications between electronic networks, education in the uses, requirements, and security of online services, and general support of the electronic community. A non-profit organization, IBECC is much MORE than just another %trade show' -- it is a year-round clearing house for ideas, news, and relevant information. IBECC represents the interests and concerns of not only the professional, but the hobbyist and home user as well. IBECC is primarily Volunteer-Run. Membership (currently $25.00/year individual, $100.00/year corporate) pays for the IBECC Newsletter and electronic Bulletin Board System (BBS), telephones, support and information services, etc. - not salaries. The founders of IBECC, who are all handicapped, are extensively involved in computer networks and electronic communications, and also run several BBSes in the Denver area. ---------------------------------------- IBECC '92 Membership & Hotel Information ---------------------------------------- (All Rates are in U.S. Dollars) VIP (Includes IBECC Membership and VIP Suite) SPECIAL RATE THROUGH MARCH 8, 1992: $80.00 March 9, 1992 through June 15, 1992: $125.00 June 16, 1992 through July 31, 1992: $175.00 August 1, 1992 and at the door (if available): $200.00 Spouse/Significant Other, with VIP Member: $9.69 Children (Under 14), with VIP Member: FREE Call or Write for Other Rates (Conference Only, Handicapped, etc) Conference Location ------------------- The conference will be held in the SAME HOTEL AS LAST YEAR: Sheraton Denver West Hotel & Convention Center 360 Union Boulevard, Lakewood, CO 80228 (800) LAKEWOOD or (303) 987-2000 Rates ----- $62.00 (+ tax) Single or Double Please Mention IBECC for this DISCOUNTED RATE! Special Rates on Hospitality and Sleeping Suites may be Arranged through IBECC ---------------------------------- VENDORS, DEALERS, and DISTRIBUTORS ---------------------------------- Dealer and Vendor Booths and Tables Available at VERY Competitive Rates Please Call or Write for Information and Rates IBECC - Now, More than Ever, Your Connection to the WORLD! IBECC BBS: (303) 426-1866 (3/12/24/96/14.4 v.32bis/v.42/HST) IBECC VOICE INFORMATION: (303) 426-1847 (Mon-Sat, 9AM-7PM, MST) IBECC Mailing Address: P.O. Box 486, Louisville, CO 80027-0486 ------------------------------ End of Computer Underground Digest #4.11 ************************************